The unix_clean_name function in Samba 2.2.x up to and including 2.2.11, and 3.0.x prior to 3.0.2a, trims certain directory names down to absolute paths, which could allow remote malicious users to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.
Vulnerable Product |
---|
samba samba 2.2.0 |
samba samba 2.2.5 |
samba samba 2.2.6 |
samba samba 3.0.0 |
samba samba 2.2.0a |
samba samba 2.2.11 |
samba samba 2.2.1a |
samba samba 2.2.7 |
samba samba 2.2.7a |
samba samba 3.0.1 |
samba samba 3.0.2 |
samba samba 2.2.2 |
samba samba 2.2.3 |
samba samba 2.2.8 |
samba samba 2.2.8a |
samba samba 3.0.2a |
samba samba 2.2.3a |
samba samba 2.2.4 |
samba samba 2.2.9 |
samba samba 2.2a |